Originally Posted by
tmiw
I'd be a bit concerned about that particular requirement considering how common hacking into people's email accounts is. At the very least I'd insist on 2FA for whatever email address gets that certificate (though that's probably something everyone should be doing regardless of whether a certificate is required).
Sure, but the alternative here is just me scribbling out the old John Hancock, which hardly seems like a paragon of security either. Ink on paper? How 18th century.